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DETAILED ACTION 

Information Disclosure Statement 

The information disclosure statement filed December 21 , 2004 has been placed 
in the application file and the information referred to therein has been considered as to 

the merits. 

Priority 

Acknowledgment is made of applicant's claim for foreign priority based on an 
application filed in Japan on April 21, 2003. It is noted, however, that applicant has not 
filed a certified copy of the P2003-1 1 5755 application as required by 35 U.S.C. 1 1 9(b). 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-19 are rejected under 35 U.S.C. 102(e) as being anticipated by US 
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The applied reference has a common assignee with the instant application. 
Based upon the earlier effective U.S. filing date of the reference, it constitutes prior art 
under 35 U.S.C. 102(e). This rejection under 35 U.S.C. 102(e) might be overcome 
either by a showing under 37 CFR 1 .132 that any invention disclosed but not claimed in 
the reference was derived from the inventor of this application and is thus not the 
invention "by another," or by an appropriate showing under 37 CFR 1 .131 . 

Regarding claim 1, Saito meets the claimed limitations as follows: 
"A device authentication system comprising a terminal device including confidential 
information for device authentication and an authentication server for granting device 
authentication to the terminal device using the confidential information, wherein the 
terminal device acquires a random number and generates a conversion value by 
converting a set of the acquired random number and the confidential information using a 
one-way function; the authentication server acquires the random number acquired by 
the terminal device, the confidential information of the terminal device, and the 
conversion value generated by the terminal device; a conversion value is generated by 
converting the set of the acquired random number and the confidential information using 
the same one-way function as that used by the terminal device; and the conversion 
value generated by the terminal device is compared with the conversion value 
generated by the authentication server." see column 13, line 14 to column 14, line 7 and 
Figures 18 and 19. 

Regarding claim 2, Saito meets the claimed limitations as follows: 
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"The terminal device that is granted device authentication in the device authentication 
system according to claim 1, comprising: reception means for receiving from the 
authentication server a random number and random-number identification information 
for identifying the random number; conversion means for generating a conversion value 
by converting a set of the received random number and the confidential information 
using a one-way function; and transmission means for transmitting the generated 
conversion value, the received random-number identification information, and 
confidential-information identification information for identifying the confidential 
information in the authentication server." see column 13, line 14 to column 14, line 7 
and Figures 18 and 19. 

Regarding claim 3, Saito meets the claimed limitations as follows: 
"The authentication server for granting device authentication to the terminal device 
according to claim 2, comprising: random-number acquisition means for acquiring a 
random number; transmission means for transmitting to the terminal device the acquired 
random number and random-number identification information for identifying the 
random number; reception means for receiving from the terminal device a conversion 
value, the random-number identification information, and confidential-information 
identification information; random-number identification means for identifying the 
random number transmitted to the terminal device using the received random-number 
identification information; confidential-information identification means for identifying the 
confidential information of the device terminal using the received confidential- 
information identification information; conversion means for generating a conversion 
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value by converting a set of tlie identified confidential information and the random 
number using the same one-way function as that used by the terminal device; and 
device authentication means for granting device authentication to the terminal device 
using the received conversion value and the generated conversion value." see column 
13, line 14 to column 14, line 7 and Figures 18 and 19. 

Regarding claim 4, Saito meets the claimed limitations as follows: 
"A service server included in the device authentication system according to claim 1 , the 
service server providing a service to the terminal device via device authentication by the 
authentication server, the service server comprising: random-number acquisition means 
for acquiring a random number; random-number transmission means for transmitting 
the acquired random number to the terminal device; reception means for receiving from 
the terminal device a conversion value generated using the confidential information and 
confidential-information identification information; random-number identification means 
for identifying the random number transmitted to the terminal device; authentication- 
information transmission means for transmitting, to the authentication server, 
authentication information including the received conversion value, the confidential- 
information identification information, and the identified random number; and 
authentication-result reception means for receiving from the authentication server a 
result of authentication based on the transmitted authentication information." see 
column 13, line 14 to column 14, line 26; column 18, line 30 to column 19, line 4; 
column 19, line 35 to column 20, line 28 and Figures 18, 19, 21 and 22. 

Regarding claim 5, Saito meets the claimed limitations as follows: 
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"The terminal device receiving a service from the service server according to claim 4, 
comprising: random-number reception means for receiving a random number from the 
service server; conversion means for generating a conversion value by converting a set 
of the received random number and the confidential information by the use of a one-way 
function; and transmission means for transmitting the generated conversion value and 
confidential-information identification information for identifying the confidential 
information in the authentication server." see column 13, line 14 to column 14, line 26; 
column 18, line 30 to column 19, line 4; column 19, line 35 to column 20, line 28 and 
Figures 18, 19, 21 and 22. 

Regarding claim 6, Saito meets the claimed limitations as follows: 
"The authentication server for granting device authentication to the device terminal 
when the service server according to claim 4 provides a service, the authentication 
server comprising: reception means for receiving, from the service server, 
authentication information including a conversion value, confidential-information 
identification information, and a random number; confidential-information identification 
means for identifying the confidential information of the terminal device by the use of the 
received confidential-information identification information; conversion means for 
generating a conversion value by converting a set of the received random number and 
the identified confidential information by the use of the same one-way function as that 
used by the terminal device; and device authentication means for granting device 
authenticating to the terminal device by the use of the received conversion value and 
the generated conversion value." see column 13, line 14 to column 14, line 26; column 
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18, line 30 to column 19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 
19,21 and 22. 

Regarding claim 7, Saito meets the claimed limitations as follows: 
"A terminal device method used by the terminal device that is granted device 
authentication in the device authentication system according to claim 1, the terminal 
device including a computer having reception means, conversion means, and 
transmission means, the terminal device method comprising: a reception step of 
receiving from the authentication server a random number and random-number 
identification information for identifying the random number by the reception means; a 
conversion step of generating a conversion value by converting a set of the received 
random number and the confidential information using a one-way function by the 
conversion means; and a transmission step of transmitting the generated conversion 
value, the received random-number identification information, and confidential- 
information identification information for identifying the confidential information in the 
authentication server by the transmission means." see column 13, line 14 to column 14, 
line 7 and Figures 18 and 19. 

Regarding claim 8, Saito meets the claimed limitations as follows: 
"An authentication method used by the authentication server for granting device 
authentication to the terminal device according to claim 2, the authentication server 
including a computer having random-number acquisition means, transmission means, 
reception means, random-number identification means, confidential-information 
identification means, conversion means, and device authentication means, the 
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authentication method comprising: a random-number acquisition step of acquiring a 
random number by the random-number acquisition means; a transmission step of 
transmitting to the terminal device the acquired random number and random-number 
identification information for identifying the random number by the transmission means; 
a reception step of receiving from the terminal device a conversion value, the random- 
number identification information, and confidential-information identification information 
by the reception means; a random-number identification step of identifying the random 
number transmitted to the terminal device using the received random-number 
identification information by the random-number identification means; a confidential- 
information identification step of identifying the confidential information of the device 
terminal using the received confidential-information identification information by the 
confidential-information identification means; a conversion step of generating a 
conversion value by converting a set of the identified confidential information and the 
random number using the same one-way function as that used by the terminal device 
by the conversion means; and a device authentication step of granting device 
authentication to the terminal device using the received conversion value and the 
generated conversion value by the device authentication means." see column 13, line 
14 to column 14, line 7 and Figures 18 and 19. 

Regarding claim 9, Saito meets the claimed limitations as follows: 
"An authentication method used by the service server according to claim 4, the service 
server including a computer having random-number acquisition means, random-number 
transmission means, reception means, random-number identification means. 
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authentication-information transmission means, and authentication-result reception 
means, the authentication method comprising: a random-number acquisition step of 
acquiring a random number by the random-number acquisition means; a random- 
number transmission step of transmitting the acquired random number to the terminal 
device by the random-number transmission means; a reception step of receiving from 
the terminal device a conversion value generated using the confidential information and 
confidential-information identification information by the reception means; a random- 
number identification step of identifying the random number transmitted to the terminal 
device by the random-number identification means; an authentication-information 
transmission step of transmitting, to the authentication server, authentication information 
including the received conversion value, the confidential-information identification 
information, and the identified random number by the authentication-information 
transmission means; and an authentication-result reception step of receiving from the 
authentication server a result of authentication based on the transmitted authentication 
information by the authentication-result reception means." see column 13, line 14 to 
column 14, line 26; column 18, line 30 to column 19, line 4; column 19, line 35 to 
column 20, line 28 and Figures 18, 19, 21 and 22. 

Regarding claim 10, Saito meets the claimed limitations as follows: 
"A terminal device method used by the terminal device receiving a service from the 
service server according to claim 4, the terminal device including a computer having 
random-number reception means, conversion means, and transmission means, the 
terminal device method comprising: a random-number reception step of receiving a 
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random number from the service server by the random-number reception means; a 
conversion step of generating a conversion value by converting a set of the received 
random number and the confidential information by the use of a one-way function by the 
conversion means; and a transmission step of transmitting the generated conversion 
value and confidential-Information identification information for identifying the 
confidential Information In the authentication server by the transmission means." see 
column 13, line 14 to column 14, line 26; column 18, line 30 to column 19, line 4; 
column 19, line 35 to column 20, line 28 and Figures 18, 19, 21 and 22. 

Regarding claim 1 1 , Salto meets the claimed limitations as follows: 
"An authentication method used by the authentication server for granting device 
authentication to the device terminal when the service server according to claim 4 
provides a service, the authentication server including a computer having reception 
means, confidential-Information Identification means, conversion means, and device 
authentication means, the authentication method comprising: a reception step of 
receiving, from the service server, authentication information including a conversion 
value, confidential-information identification information, and a random number by the 
reception means; a confidential-Information identification step of Identifying the 
confidential Information of the terminal device by the use of the received confidential- 
Information Identification information by the confidential-information identification 
means; a conversion step of generating a conversion value by converting a set of the 
received random number and the identified confidential information by the use of the 
same one-way function as that used by the terminal device by the conversion means; 
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and a device authentication step of granting device authenticating to the terminal device 
by the use of the received conversion value and the generated conversion value by the 
device authentication means." see column 13, line 14 to column 14, line 26; column 18, 
line 30 to column 19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 19, 
21 and 22. 

Regarding claim 12, Saito meets the claimed limitations as follows: 
"A terminal device program in the terminal device that is granted device authentication 
in the device authentication system according to claim 1, the terminal device including a 
computer, the terminal device program realizing: a reception function for receiving from 
the authentication server a random number and random-number identification 
information for identifying the random number; a conversion function for generating a 
conversion value by converting a set of the received random number and the 
confidential information using a one-way function; and a transmission function for 
transmitting the generated conversion value, the received random-number identification 
information, and confidential-information identification information for identifying the 
confidential information in the authentication server." see column 13, line 14 to column 
14, line 7 and Figures 18 and 19. 

Regarding claim 13, Saito meets the claimed limitations as follows: 
"An authentication program in the authentication server for granting device 
authentication to the terminal device according to claim 2, the authentication server 
including a computer, the authentication program realizing: a random-number 
acquisition function for acquiring a random number; a transmission function for 
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transmitting to the terminal device the acquired random number and random-number 
Identification Information for Identifying the random number; a reception function for 
receiving from the terminal device a conversion value, the random-number Identification 
Information, and confidential-Information Identification Information; a random-number 
identification function for identifying the random number transmitted to the terminal 
device using the received random-number Identification Information; a confidential- 
Information Identification function for Identifying the confidential Information of the device 
terminal using the received confidential-Information Identification Information; a 
conversion function for generating a conversion value by converting a set of the 
identified confidential Information and the random number using the same one-way 
function as that used by the terminal device; and a device authentication function for 
granting device authentication to the terminal device using the received conversion 
value and the generated conversion value." see column 13, line 14 to column 14, line 7 
and Figures 18 and 19. 

Regarding claim 14, Salto meets the claimed limitations as follows: 
"A service server program In the service server according to claim 4, the service server 
including a computer, the service server program realizing: a random-number 
acquisition function for acquiring a random number; a random-number transmission 
function for transmitting the acquired random number to the terminal device; a reception 
function for receiving from the terminal device a conversion value generated using the 
confidential Information and confidential-Information Identification Information; a 
random-number Identification function for Identifying the random number transmitted to 
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the terminal device; an authentication-information transmission function for transmitting, 
to the authentication server, authentication information including the received 
conversion value, the confidential-information identification information, and the 
identified random number; and an authentication-result reception function for receiving 
from the authentication server a result of authentication based on the transmitted 
authentication information." see column 13, line 14 to column 14, line 26; column 18, 
line 30 to column 19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 19, 
21 and 22. 

Regarding claim 15, Saito meets the claimed limitations as follows: 
"A terminal device program in the terminal device receiving a service from the service 
server according to claim 4, the terminal device including a computer, the terminal 
device program realizing: a random-number reception function for receiving a random 
number from the service server; a conversion function for generating a conversion value 
by converting a set of the received random number and the confidential information by 
the use of a one-way function; and a transmission function for transmitting the 
generated conversion value and confidential-information identification information for 
identifying the confidential information in the authentication server." see column 13, line 
14 to column 14, line 26; column 18, line 30 to column 19, line 4; column 19, line 35 to 
column 20, line 28 and Figures 18, 19, 21 and 22. 

Regarding claim 16, Saito meets the claimed limitations as follows: 
"An authentication program in the authentication server for granting device 
authentication to the device terminal when the service server according to claim 4 
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provides a service, tlie autlientication server including a computer, the authentication 
program realizing: a reception function for receiving, from the service server, 
authentication information including a conversion value, confidential-information 
identification information, and a random number; a confidential-information identification 
function for identifying the confidential information of the terminal device by the use of 
the received confidential-information identification information; a conversion function for 
generating a conversion value by converting a set of the received random number and 
the identified confidential information by the use of the same one-way function as that 
used by the terminal device; and a device authentication function for granting device 
authenticating to the terminal device by the use of the received conversion value and 
the generated conversion value." see column 13, line 14 to column 14, line 26; column 
18, line 30 to column 19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 
19,21 and 22. 

Regarding claim 17, Saito meets the claimed limitations as follows: 
"A computer-readable recording medium including the device terminal program 
according to claim 12 or claim 15." see column 13, line 14 to column 14, line 26; column 
18, line 30 to column 19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 

19,21 and 22. 

Regarding claim 18, Saito meets the claimed limitations as follows: 
"A computer-readable recording medium including the authentication program according 
to claim 13 or claim 16." see column 13, line 14 to column 14, line 26; column 18, line 
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30 to column 19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 19, 21 
and 22. 

Regarding claim 19, Saito meets the claimed limitations as follows: 
"A computer-readable recording medium including the service server program according 
to claim 14." see column 13, line 14 to column 14, line 26; column 18, line 30 to column 
19, line 4; column 19, line 35 to column 20, line 28 and Figures 18, 19, 21 and 22. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

A. Wakayama (US 20050144484). 

B. Zilliacus et al (US 6,915,272). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Matthew B. Smithers whose telephone number is (571) 

272- 3876. The examiner can normally be reached on Monday-Friday (8:00-4:30) EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel L. Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Matthew B Smithers/ 

Primary Examiner, Art Unit 2437 



